安全域间信息资源访问的协议和方法.pdfVIP

计算机研究与发展 ISSN CN 111777/ TP Journal of Computer Research and Development 42 (9) : 1587～1593 , 2005 安全域间信息资源访问的协议和方法 1 ,3 1 2 彭双和 　韩 　臻 　沈昌祥 1 (北京交通大学计算机与信息技术学院　北京 　100044) 2 (海军计算技术研究所 　北京 　100841) 3 (北京机械工业学院　北京 　100085) (shhpeng @sohucom) Security Protocol and Scheme for InterRealm Information Accessing Peng Shuanghe1 ,3 , Han Zhen1 , and Shen Changxiang2 1 ( ) School of Computer and Inf orm ation Technology , Beijin g Jiaotong U niversity , Beijin g 100044 2 ( ) Institute of N aval Computer Technology , Beijin g 100841 3 ( ) Beijin g Institute of Mechanical Technology , Beijin g 100085 Abstract 　In order to improve the security of Intranet , application boundary security devices must be set In order to access resources in different application areas on Internet in a security way ,authentication is the first key step Kerberos is an authentication protocol that is widely used It is applied in application bound ary securit y devices such as socks5 But there exists some limitation In the processing of authentication be tween application boundary securit y devices , the object authenticated by application boundary securit y de vice at resource realm is not client which requests the resource , but application boundary securit y device at principal realm So the object audited by application boundary security device at resource realm isn ’t the re ally one A new interrealm authentication protocol and a new identitypassing protocol based on Kerberos v5 interrealm authentic